e15d7a83a8c99cdd55d926384b70bffd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e15d7a83a8c99cdd55d926384b70bffd_JaffaCakes118
Size

863KB
MD5

e15d7a83a8c99cdd55d926384b70bffd
SHA1

d18df85a6d5e77f8dfc236c3c50d2bd086648ff9
SHA256

2b601632a6ac37582d885e8855004abcedbfc393249632569bfe60172b36e308
SHA512

33148e5fcd684fdeb6cf6f4b72965b5205df11ea67f7f84c9cff012da6996b5e9a045cde037bfb100e7393e0214ed67f60090046b9e82018a9a040e780c9059d
SSDEEP

24576:agf1+dgn8yYD1B/ReY1gYJfyWJcA7rMBLDojyAZ:r+dhyYDTReY1gYJXH2LD8yI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e15d7a83a8c99cdd55d926384b70bffd_JaffaCakes118

Files

e15d7a83a8c99cdd55d926384b70bffd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d0e778ae20db2e8251e5730f874da034

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

EnumDependentServicesA
FindFirstFreeAce
GetAclInformation
PrivilegeCheck
CryptHashSessionKey
RegQueryValueA
GetTrusteeTypeA
InitializeAcl
QueryServiceObjectSecurity
CryptEncrypt
CopySid
RegUnLoadKeyA
GetNumberOfEventLogRecords
DeregisterEventSource
RegConnectRegistryA
CryptContextAddRef
IsTextUnicode
SetServiceStatus
GetSecurityDescriptorOwner
CryptDestroyHash
GetSidSubAuthority
RegSaveKeyA
GetExplicitEntriesFromAclA
SetEntriesInAuditListA
CryptGenKey
GetMultipleTrusteeA
AccessCheck
RevertToSelf
GetServiceDisplayNameA
RegFlushKey
RegOpenKeyA
AllocateAndInitializeSid
BackupEventLogA
CryptSetKeyParam
RegDeleteValueA
BuildSecurityDescriptorA
ObjectDeleteAuditAlarmA
GetSecurityDescriptorControl
OpenEventLogA

user32

GetDlgCtrlID
CreateWindowExA
RegisterWindowMessageA
ToUnicodeEx
IsCharLowerA
WinHelpA
GetMenuItemCount
FindWindowExA
UnhookWinEvent
GetAsyncKeyState
PostQuitMessage
GetScrollBarInfo
SwitchToThisWindow
DdeClientTransaction
CreateDialogParamA
DlgDirSelectExA
EnableScrollBar
DdeQueryStringA
MapVirtualKeyExA
DrawTextExA
PackDDElParam
DdeCreateDataHandle
LoadIconA
SetWindowRgn
LoadAcceleratorsA
SetMessageExtraInfo
GetClassWord
DdeNameService
SetKeyboardState
SetClipboardData
FreeDDElParam
LoadMenuIndirectA
EndMenu
ShowWindowAsync
GetShellWindow
GetWindowRect
GetTopWindow
SetMenuDefaultItem
GetNextDlgTabItem
RemovePropA
IMPGetIMEA
EnumDisplayMonitors
CreateAcceleratorTableA
DrawMenuBar
GetLastActivePopup
GetIconInfo
OemToCharA
SetWindowContextHelpId
RedrawWindow
CheckMenuItem
GetProcessDefaultLayout

kernel32

GetCurrentDirectoryA

Sections

.wbmb
Size: 638KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vcfgd
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fkh
Size: 19KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.clahi
Size: 512B - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ryzin
Size: 6KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qhcna
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rojw
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ziva
Size: 48KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.knoz
Size: 125KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d0e778ae20db2e8251e5730f874da034

Headers

File Characteristics

Imports

advapi32

user32

kernel32

Sections

.wbmb Size: 638KB - Virtual size: 1.3MB

.vcfgd Size: 6KB - Virtual size: 8KB

.fkh Size: 19KB - Virtual size: 27KB

.clahi Size: 512B - Virtual size: 21KB

.ryzin Size: 6KB - Virtual size: 15KB

.qhcna Size: 512B - Virtual size: 56B

.rojw Size: 512B - Virtual size: 24B

.ziva Size: 48KB - Virtual size: 77KB

.knoz Size: 125KB - Virtual size: 1.7MB

.rsrc Size: 18KB - Virtual size: 20KB

.wbmb
Size: 638KB - Virtual size: 1.3MB

.vcfgd
Size: 6KB - Virtual size: 8KB

.fkh
Size: 19KB - Virtual size: 27KB

.clahi
Size: 512B - Virtual size: 21KB

.ryzin
Size: 6KB - Virtual size: 15KB

.qhcna
Size: 512B - Virtual size: 56B

.rojw
Size: 512B - Virtual size: 24B

.ziva
Size: 48KB - Virtual size: 77KB

.knoz
Size: 125KB - Virtual size: 1.7MB

.rsrc
Size: 18KB - Virtual size: 20KB